Working to help protect customers from vulnerabilities in Adobe software. Contact us at PSIRT(at)adobe(dot)com.

A Security Advisory (APSA16-01) has been published regarding a critical vulnerability (CVE-2016-1019) in Adobe Flash Player. UPDATE: Adobe is aware of reports that CVE-2016-1019 is being actively exploited on systems running Windows 7 and Windows XP Windows 10 and earlier with Flash Player version 20.0.0.306 and earlier. A mitigation introduced in Flash Player 21.0.0.182 currently prevents exploitation of this vulnerability, protecting users running Flash Player 21.0.0.182 and later.

Adobe is planning to provide a security update to address this vulnerability as early as April 7. For the latest information, users may continue to monitor the Adobe Product Security Incident Response Team blog.

This posting is provided “AS IS” with no warranties and confers no rights.

A Security Bulletin (APSB16-08) has been published regarding security updates for Adobe Flash Player. These updates address critical vulnerabilities, and Adobe recommends users update their product installations to the latest versions using the instructions referenced in the security bulletin.

Adobe is aware of a report that CVE-2016-1010 is being actively exploited in the wild in limited, targeted attacks.

This posting is provided “AS IS” with no warranties and confers no rights.

Security Bulletins for Adobe Digital Editions (APSB16-06) as well as Adobe Acrobat and Reader (APSB16-09) have been published. Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant security bulletin.

A security update for Adobe Flash Player will also be available in the coming days. We will continue to provide updates via the Adobe PSIRT blog.

This posting is provided “AS IS” with no warranties and confers no rights.

Security Bulletins for Adobe Acrobat and Reader (APSB16-02) have been published. These updates address critical vulnerabilities, and Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant security bulletin.

This posting is provided “AS IS” with no warranties and confers no rights.

A prenotification Security Advisory (APSB16-02) has been posted regarding upcoming updates for Adobe Acrobat and Reader scheduled for Tuesday, January 12, 2016. We will continue to provide updates on the upcoming release via the Security Advisory as well as the Adobe PSIRT blog.

This posting is provided “AS IS” with no warranties and confers no rights.

A security bulletin (APSB16-01) has been published regarding security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

Adobe is aware of a report that an exploit for CVE-2015-8651 is being used in limited, targeted attacks. Adobe recommends users update their product installations to the latest version using the instructions referenced in the security bulletin.

This posting is provided “AS IS” with no warranties and confers no rights.

A security bulletin (APSB15-32) has been published regarding security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe recommends users update their product installations to the latest version using the instructions referenced in the security bulletin.

This posting is provided “AS IS” with no warranties and confers no rights.

Security Bulletins for ColdFusion (APSB15-29), LiveCycleDS (APSB15-30) and Adobe Premiere Clip (APSB15-31) have been published. These updates address important vulnerabilities, and Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant security bulletin.

This posting is provided “AS IS” with no warranties and confers no rights.